Tag: zero trust security

The Centrify Zero Trust Security model is effective because it allows organizations to remove trust from the equation entirely. Based on the assumption that untrusted actors already exist inside and outside the network, Zero Trust leverages powerful identity services to secure every user’s access to apps and infrastructure. Only after identity is authenticated and the integrity of the device is proven can access to resources be granted–but even then with just enough privilege to perform the task at hand. Here are five best practices for achieving Zero Trust security: Always Verify the User with Multi-factor Authentication (MFA) The days of…

Many Australian businesses need to rethink their approach to security to prepare for their nation’s new mandatory data breach notification law which take effect this month. The Privacy Amendment (Notifiable Data Breaches) Act 2017 enacts the Notifiable Data Breaches (NDB) scheme in Australia from February 22 this year. The NDB scheme mandates that organizations suffering lost or breached data must notify affected customers as soon as they become aware of the breach and must also report the incident to the Privacy Commissioner. The legislation covers information such as personal details, credit reports, credit eligibility details, and tax file number (TFN) records…

Countless companies globally are trapped in data breach Groundhog Day, unable to escape a repeating cycle of cyber attacks. In the 2018 Thales Data Threat Report, produced by 451 Research, the key theme is that while spending in IT Security is increasing, breaches are increasing at a faster pace and becoming more costly. As in past years, the 451 Group report indicates that companies cyber budgets are being spent in areas that have been identified as least effective in securing data. “Clearly, doing what we have been doing for decades is no longer working. The more relevant question on the…

A consumer ratings agency, a cable network, a transportation company and a web services provider. What ties them together? Sure, they were all impacted by very high-profile security breaches. But, if you dig a little deeper, you’ll find these organizations had a lot in common before, during and after their respective breaches. And those commonalities can teach us valuable lessons. A quick recap Equifax became the latest poster child for cybersecurity after it announced criminals had gained access to the financial data of 143 million people. The massive breach led to 23 class-action lawsuits, a $4.3 billion loss in market…

Following the high-profile breach of the US Office of Personnel Management (OPM), which exposed the personal data of millions of Americans, the House of Representatives’ Committee on Oversight and Government Reform issued a report on the attack in 2016. That report provided an exhaustive account of the events leading up to the breach, illustrating how a hacker posing as an employee of an OPM contractor was able to use false credentials to log into the system, install malware and create a back door into the network—a back door that was exploited for four years before it was discovered. The report makes…

With 50,000 attendees, over 1,000 breakout sessions and countless sponsors and exhibitors, the 2017 AWS re:Invent conference in Las Vegas was one of the largest events yet. With announcements like server-less containers, managed databases and bare metal compute instances immediately available as a service, enterprises see cloud adoption as a clear choice model to operate. Security to protect infrastructure and workloads in AWS was a hot topic — specifically in the realm of identity and access management. Enterprises migrating to AWS needed solutions to secure their AWS accounts, secure access to EC2 instances and secure access to their existing on-premises…

As we start 2018, we have continued to see major breaches across industries, only last year we witnessed at least two companies — Uber and Equifax — opt to hold off on alerting the public to their respective cybersecurity breaches and make them public at a later, more convenient date. Whether a coincidence or a trend in the making, time will tell. What we do know is that these were among a handful of security “events” that will help shape the year to come. Here are our predictions for 2018. Organizations will respond to the current threat landscape with a…

Centrify has been busy building innovative technology and powerful partnerships. This post will talk about a longtime partnership, cool tech, and a deeper level of integration. Centrify and Yubico have been partners for more than three years already and work together with joint customers, in the field, and at a corporate level. Centrify and Yubico U2F Integration To further its move towards a Zero Trust Security Model, Centrify joined the FIDO (Fast IDentity Online) Alliance and strengthened its integration with Yubico. Centrify Identity Services now provides support for the FIDO Alliance’s Universal 2nd Factor (U2F) specification, an authentication standard designed to…

During a year of high-profile breaches like Equifax, HBO and Uber, as well as the realization that Yahoo’s highly-publicized 2013 breach compromised the accounts of all three billion of its users, the tide started to turn in 2017. Organizations, industry experts, thought leaders, the media and even consumers began to understand the status quo simply isn’t working. Ideas like Zero Trust and comprehensive identity protection moved center stage and the Centrify solution advanced into the spotlight. After a survey at the RSA Conference revealed that just 55 percent of IT pros believe their company’s current technology ensures security, and a…

‘Twas the month of Christmas and all through the town, packages ‘round trees were being carefully laid down. But much to the surprise of one neighborhood, their packages were stolen, taken for good! Despite guarded gate, doorbell cameras and perimeter wall, the residents had no clue about their tormenters at all! One crafty neighbor with experience from Christmases before, Built a zero-trust model, to protect more than his front door. All that entered the house, he could monitor and see, and to access his extra special stuff required more than just one key. One night as he slept, something stirred…

Centrify CEO Tom Kemp, an industry expert in security and infrastructure software, discusses market and technology issues around the disruption occurring in the Identity and Access Management market due to the cloud, mobile and consumerization of IT trends occurring in today's IT environment.